Online Ordering System Project
Products
1- 27 CVEs
Recent CVEs
27| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8231 | Med | 0.41 | 6.3 | 0.00 | May 10, 2026 | A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file /deleteorder.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been… | ||
| CVE-2025-7755 | Med | 0.41 | 6.3 | 0.00 | Jul 17, 2025 | A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated… | ||
| CVE-2023-2246 | 0.03 | — | 0.04 | Apr 23, 2023 | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. The attack… | |||
| CVE-2025-3141 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated… | |||
| CVE-2025-3140 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /view_category.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2024-57328 | 0.00 | — | 0.01 | Jan 23, 2025 | A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain… | |||
| CVE-2023-45342 | 0.00 | — | 0.01 | Nov 2, 2023 | Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database. | |||
| CVE-2023-5423 | 0.00 | — | 0.00 | Oct 5, 2023 | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument id leads to sql injection. The attack can be… | |||
| CVE-2023-37150 | 0.00 | — | 0.01 | Jul 10, 2023 | Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item. | |||
| CVE-2023-30092 | 0.00 | — | 0.01 | May 8, 2023 | SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter. | |||
| CVE-2023-1460 | 0.00 | — | 0.01 | Mar 17, 2023 | A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=save_user of the component Password Change Handler. The manipulation leads to improper authentication.… | |||
| CVE-2023-1455 | 0.00 | — | 0.01 | Mar 17, 2023 | A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com'… | |||
| CVE-2023-1365 | 0.00 | — | 0.01 | Mar 13, 2023 | A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php. The manipulation of the argument username leads to sql injection. The attack may be launched… | |||
| CVE-2023-1364 | 0.00 | — | 0.01 | Mar 13, 2023 | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file category.php of the component GET Parameter Handler. The manipulation of the argument id leads to… | |||
| CVE-2023-27207 | 0.00 | — | 0.01 | Mar 9, 2023 | Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php. | |||
| CVE-2023-27210 | 0.00 | — | 0.01 | Mar 9, 2023 | Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/view_order.php. | |||
| CVE-2023-27208 | 0.00 | — | 0.00 | Mar 9, 2023 | A cross-site scripting (XSS) vulnerability in /php-opos/login.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the redirect parameter. | |||
| CVE-2023-0988 | 0.00 | — | 0.00 | Feb 23, 2023 | A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. The attack may… | |||
| CVE-2023-0910 | 0.00 | — | 0.00 | Feb 18, 2023 | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_prod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The… | |||
| CVE-2023-0906 | 0.00 | — | 0.01 | Feb 18, 2023 | A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Affected by this vulnerability is the function delete_category of the file ajax.php of the component POST Parameter Handler. The manipulation leads to missing authentication. The… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file /deleteorder.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated…
- CVE-2023-2246Apr 23, 2023risk 0.03cvss —epss 0.04
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. The attack…
- CVE-2025-3141Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated…
- CVE-2025-3140Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /view_category.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack…
- CVE-2024-57328Jan 23, 2025risk 0.00cvss —epss 0.01
A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain…
- CVE-2023-45342Nov 2, 2023risk 0.00cvss —epss 0.01
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database.
- CVE-2023-5423Oct 5, 2023risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument id leads to sql injection. The attack can be…
- CVE-2023-37150Jul 10, 2023risk 0.00cvss —epss 0.01
Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item.
- CVE-2023-30092May 8, 2023risk 0.00cvss —epss 0.01
SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter.
- CVE-2023-1460Mar 17, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=save_user of the component Password Change Handler. The manipulation leads to improper authentication.…
- CVE-2023-1455Mar 17, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com'…
- CVE-2023-1365Mar 13, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php. The manipulation of the argument username leads to sql injection. The attack may be launched…
- CVE-2023-1364Mar 13, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file category.php of the component GET Parameter Handler. The manipulation of the argument id leads to…
- CVE-2023-27207Mar 9, 2023risk 0.00cvss —epss 0.01
Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php.
- CVE-2023-27210Mar 9, 2023risk 0.00cvss —epss 0.01
Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/view_order.php.
- CVE-2023-27208Mar 9, 2023risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in /php-opos/login.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the redirect parameter.
- CVE-2023-0988Feb 23, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. The attack may…
- CVE-2023-0910Feb 18, 2023risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_prod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The…
- CVE-2023-0906Feb 18, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Affected by this vulnerability is the function delete_category of the file ajax.php of the component POST Parameter Handler. The manipulation leads to missing authentication. The…